| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6706839620038_1cca31294cf@willemb.c.googlers.com.notmuch>
Date: Wed, 09 Oct 2024 09:22:30 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Jason Xing <kerneljasonxing@...il.com>,
Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: davem@...emloft.net,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
dsahern@...nel.org,
willemb@...gle.com,
ast@...nel.org,
daniel@...earbox.net,
andrii@...nel.org,
martin.lau@...ux.dev,
eddyz87@...il.com,
song@...nel.org,
yonghong.song@...ux.dev,
john.fastabend@...il.com,
kpsingh@...nel.org,
sdf@...ichev.me,
haoluo@...gle.com,
jolsa@...nel.org,
bpf@...r.kernel.org,
netdev@...r.kernel.org,
Jason Xing <kernelxing@...cent.com>
Subject: Re: [PATCH net-next 1/9] net-timestamp: add bpf infrastructure to
allow exposing more information later
Jason Xing wrote:
> On Wed, Oct 9, 2024 at 2:45 AM Willem de Bruijn
> <willemdebruijn.kernel@...il.com> wrote:
> >
> > Jason Xing wrote:
> > > From: Jason Xing <kernelxing@...cent.com>
> > >
> > > Implement basic codes so that we later can easily add each tx points.
> > > Introducing BPF_SOCK_OPS_ALL_CB_FLAGS used as a test statement can help use
> > > control whether to output or not.
> > >
> > > Signed-off-by: Jason Xing <kernelxing@...cent.com>
> > > ---
> > > include/uapi/linux/bpf.h | 5 ++++-
> > > net/core/skbuff.c | 18 ++++++++++++++++++
> > > tools/include/uapi/linux/bpf.h | 5 ++++-
> > > 3 files changed, 26 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > > index c6cd7c7aeeee..157e139ed6fc 100644
> > > --- a/include/uapi/linux/bpf.h
> > > +++ b/include/uapi/linux/bpf.h
> > > @@ -6900,8 +6900,11 @@ enum {
> > > * options first before the BPF program does.
> > > */
> > > BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = (1<<6),
> > > + /* Call bpf when the kernel is generating tx timestamps.
> > > + */
> > > + BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG = (1<<7),
> > > /* Mask of all currently supported cb flags */
> > > - BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7F,
> > > + BPF_SOCK_OPS_ALL_CB_FLAGS = 0xFF,
> > > };
> > >
> > > /* List of known BPF sock_ops operators.
> > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c
> > > index 74149dc4ee31..5ff1a91c1204 100644
> > > --- a/net/core/skbuff.c
> > > +++ b/net/core/skbuff.c
> > > @@ -5539,6 +5539,21 @@ void skb_complete_tx_timestamp(struct sk_buff *skb,
> > > }
> > > EXPORT_SYMBOL_GPL(skb_complete_tx_timestamp);
> > >
> > > +static bool bpf_skb_tstamp_tx(struct sock *sk, u32 scm_flag,
> > > + struct skb_shared_hwtstamps *hwtstamps)
> > > +{
> > > + struct tcp_sock *tp;
> > > +
> > > + if (!sk_is_tcp(sk))
> > > + return false;
> > > +
> > > + tp = tcp_sk(sk);
> > > + if (BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG))
> > > + return true;
> > > +
> > > + return false;
> > > +}
> > > +
> > > void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > > const struct sk_buff *ack_skb,
> > > struct skb_shared_hwtstamps *hwtstamps,
> > > @@ -5551,6 +5566,9 @@ void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > > if (!sk)
> > > return;
> > >
> > > + if (bpf_skb_tstamp_tx(sk, tstype, hwtstamps))
> > > + return;
> > > +
> >
> > Eventually, this whole feature could probably be behind a
> > static_branch.
>
> You want to implement another toggle to control it? But for tx path
> "BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG)"
> works as a per-netns toggle. I would like to know what you exactly
> want to do in the next move?
Not another toggle. A static branch that enables the datapath logic
when a BPF program becomes active. See also for instance ipv4_min_ttl.
Powered by blists - more mailing lists